This is an automated email from the ASF dual-hosted git repository. rombert pushed a commit to annotated tag org.apache.sling.jcr.resourcesecurity-1.0.0 in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-jcr-resourcesecurity.git
commit 27da478a2b02e8f42439e1a40325210984e12e79 Author: Carsten Ziegeler <[email protected]> AuthorDate: Fri Mar 28 16:51:17 2014 +0000 Simplify code, use common method for permission check git-svn-id: https://svn.apache.org/repos/asf/sling/trunk/contrib/jcr/resourcesecurity@1582821 13f79535-47bb-0310-9956-ffa450edef68 --- .../impl/ResourceAccessGateFactory.java | 39 +++++----------------- 1 file changed, 8 insertions(+), 31 deletions(-) diff --git a/src/main/java/org/apache/sling/jcr/resourcesecurity/impl/ResourceAccessGateFactory.java b/src/main/java/org/apache/sling/jcr/resourcesecurity/impl/ResourceAccessGateFactory.java index 7c13fed..6d9c5e2 100644 --- a/src/main/java/org/apache/sling/jcr/resourcesecurity/impl/ResourceAccessGateFactory.java +++ b/src/main/java/org/apache/sling/jcr/resourcesecurity/impl/ResourceAccessGateFactory.java @@ -20,7 +20,6 @@ package org.apache.sling.jcr.resourcesecurity.impl; import java.util.Map; -import javax.jcr.Node; import javax.jcr.RepositoryException; import javax.jcr.Session; @@ -74,24 +73,13 @@ public class ResourceAccessGateFactory } /** - * Skip the check if the resource is backed by a JCR resource. - * This is a sanity check which should usually not be required if the system - * is configured correctly. - */ - private boolean skipCheck(final Resource resource) { - // if resource is backed by a JCR node, skip check - return resource.adaptTo(Node.class) != null; - } - - /** * Check the permission */ - private GateResult checkPermission(final Resource resource, final String permission) { - if ( this.skipCheck(resource) ) { - return GateResult.GRANTED; - } + private GateResult checkPermission(final ResourceResolver resolver, + final String path, + final String permission) { boolean granted = false; - final Session session = resource.getResourceResolver().adaptTo(Session.class); + final Session session = resolver.adaptTo(Session.class); if ( session != null ) { try { granted = session.hasPermission(jcrPath, permission); @@ -139,7 +127,7 @@ public class ResourceAccessGateFactory */ @Override public GateResult canRead(final Resource resource) { - return this.checkPermission(resource, Session.ACTION_READ); + return this.checkPermission(resource.getResourceResolver(), resource.getPath(), Session.ACTION_READ); } /** @@ -147,7 +135,7 @@ public class ResourceAccessGateFactory */ @Override public GateResult canDelete(Resource resource) { - return this.checkPermission(resource, Session.ACTION_REMOVE); + return this.checkPermission(resource.getResourceResolver(), resource.getPath(), Session.ACTION_REMOVE); } /** @@ -155,7 +143,7 @@ public class ResourceAccessGateFactory */ @Override public GateResult canUpdate(Resource resource) { - return this.checkPermission(resource, Session.ACTION_SET_PROPERTY); + return this.checkPermission(resource.getResourceResolver(), resource.getPath(), Session.ACTION_SET_PROPERTY); } /** @@ -163,17 +151,6 @@ public class ResourceAccessGateFactory */ @Override public GateResult canCreate(String absPathName, ResourceResolver resourceResolver) { - boolean canCreate = false; - - final Session session = resourceResolver.adaptTo(Session.class); - if ( session != null ) { - try { - canCreate = session.hasPermission(jcrPath, Session.ACTION_ADD_NODE); - } catch (final RepositoryException re) { - // ignore - } - } - - return canCreate ? GateResult.GRANTED : GateResult.DENIED; + return this.checkPermission(resourceResolver, absPathName, Session.ACTION_ADD_NODE); } } -- To stop receiving notification emails like this one, please contact "[email protected]" <[email protected]>.
